Notes on Using aircrack-ng on macOS

Posted on 2016-03-01 In Daily Issues , Everyday Tools

Install aircrack-ng

brew install aircrack-ng

The installer failed to reach aircrack-ng.org until I set HTTP proxies for the terminal:

1 2	export https_proxy="http://127.0.0.1:6152" export http_proxy="http://127.0.0.1:6152"

The `airport` command

macOS hides an airport utility under /System/Library/PrivateFrameworks/Apple80211.framework/Versions/Current/Resources/airport. Create a symlink for easier access. On 10.11 you cannot write to /usr/sbin, so link it into /usr/local/bin instead:

1	sudo ln -s /System/Library/PrivateFrameworks/Apple80211.framework/Versions/Current/Resources/airport /usr/local/bin/airport

Capture packets with `airport`

List nearby networks:

airport -s

Pick a channel (say 1) and start sniffing:

airport en1 sniff 1

Stop with Ctrl+C; the capture lands in /tmp.

Crack with aircrack-ng

1	aircrack-ng -w zd.txt 1.cap

Look for a capture marked with 1 handshake, select it, and let your wordlist attack run.

References:

《Mac OS X 用终端破解附近 Wifi 密码教程》
《Mac安装Aircrack-ng》
《如何为MacOS X终端设置代理》
《MacOS让终端命令使用全局代理》

Install aircrack-ng

The airport command

Capture packets with airport

Crack with aircrack-ng

The `airport` command

Capture packets with `airport`